
Affect a server with remote PHP

Developer https://www.devze.com 2023-03-11 02:36 Source: web

I'm currently trying to allow my remote server (B) to affect my local server (A) with a PHP include. As a small test I put a PHP file on server A that includes a file from server B. I allowed including URLs via php.ini and changed my user agent.

The file on server B includes code to create a small test file that is supposed to be created on server A. The problem is that every time I run server A's include, the file gets created on server B, when I really want it created on server A.

Server A's code:

include("http://www.XXXXXXXXX.com/Test.php");

Server B's code:

   $ourFileName = "testFile.txt";
   $ourFileHandle = fopen($ourFileName, 'w') or die("can't open file");
   fclose($ourFileHandle);


On Server B, place the following line in your .htaccess file:

AddType text/plain .php

You need the code to be output by Server B to be read by Server A. At the moment it's being processed on Server A.

This will make your code visible to the public. It will also prevent any other PHP from being executed in that directory. You can use a <Files> directive to make it only apply to particular files, but it will always be available to the public. There are ways to restrict access there, both in PHP and in .htaccess.

If you don't want that to happen, there are ways to do that too but they're a bit more complex.

EDIT to respond to request
If you want to still execute PHP on Server B and selectively include files, I'd suggest creating a new file includer.php with content like the following:

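<?php
// Runs on Server B: returns the raw source of the requested file as plain
// text, so Server A's include() receives PHP code instead of its output.
$auth = isset($_GET['auth']) ? $_GET['auth'] : '';
$file = isset($_GET['file']) ? $_GET['file'] : '';

if ('my-secret-key' === $auth) {
    // $file is used exactly as supplied by the caller.
    if (is_readable($file)) {
        header('Content-type: text/plain');
        echo file_get_contents($file);
    } else {
        // http_response_code() sets the status line under every SAPI;
        // a "Status:" header is only honoured by CGI/FastCGI.
        http_response_code(404);
        header('Content-type: text/plain');
        die('<?php /* File not found */ ?>');
    }
} else {
    http_response_code(403);
    header('Content-type: text/plain');
    die('You do not have permission to access this page.');
}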

And then on your Server A:

include ('http://example.com/includer.php?auth=my-secret-key&file=Test.php');

You should also look at using basename() on $_GET['file'] on Server B if you can, to improve security, and hash()ing your auth parameter.
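
A hardened take on includer.php that applies the basename() and hash() suggestions above, as an added example that is not the answerer's code. The `shared` directory, the file-name pattern and the placeholder key are assumptions.

```php
<?php
// Added example (hypothetical names): only files directly inside SHARED_DIR
// are served, and only to callers presenting the shared key.
const SHARED_DIR = __DIR__ . '/shared';   // assumed directory on Server B

// Assumption: placeholder key. In a real deployment paste the hex SHA-256
// digest here so the plaintext key is never stored on Server B.
define('AUTH_KEY_SHA256', hash('sha256', 'my-secret-key'));

function deny(int $code, string $msg): void
{
    http_response_code($code);            // real status, so include() fails
    header('Content-Type: text/plain');
    exit($msg);
}

$auth = $_GET['auth'] ?? '';
$file = $_GET['file'] ?? '';

// ?auth[]=x arrives as an array; reject anything that is not a string.
if (!is_string($auth) || !is_string($file)) {
    deny(400, 'Bad request');
}

// Compare digests in constant time instead of comparing the raw key.
if (!hash_equals(AUTH_KEY_SHA256, hash('sha256', $auth))) {
    deny(403, 'You do not have permission to access this page.');
}

// basename() drops directory components, so "../../etc/passwd" becomes
// "passwd", which then fails the file-name pattern below.
$name = basename($file);
if (!preg_match('/\A[A-Za-z0-9_-]+\.php\z/', $name)) {
    deny(404, 'File not found');
}

// realpath() resolves symlinks; the result must still sit in SHARED_DIR.
$path = realpath(SHARED_DIR . '/' . $name);
if ($path === false || dirname($path) !== realpath(SHARED_DIR)
    || !is_readable($path)) {
    deny(404, 'File not found');
}

// The key travels in the query string and lands in access logs, so serve
// this endpoint over HTTPS and rotate the key if logs are shared.
header('Content-Type: text/plain');
readfile($path);
```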


There are multiple security issues raised by what you are doing. While PHP is very flexible and can be configured to do such things, I would not recommend the way you are doing it.

There are other ways to have server 'a' create files on remote host 'b'.

Personally, I am very fond of the ssh functions to do remote tasks in a relatively secure manner.
